Trolls, bots, and sybils distort online discourse and compromise the security of networked platforms. User identity is central to the vectors of attack and manipulation employed in these contexts. However, it has long seemed that, try as it might, the security community has been unable to stem the rising tide of such problems. We posit the Ghost Trilemma: that there are three key properties of identity -- sentience, location, and uniqueness -- that cannot be simultaneously verified in a fully-decentralized setting. Many fully-decentralized systems -- whether for communication or social coordination -- grapple with this trilemma in some way, perhaps unknowingly. In this Systematization of Knowledge (SoK) paper, we examine the design space, use cases, problems with prior approaches, and possible paths forward. We sketch a proof of this trilemma and outline options for practical, incrementally deployable schemes that achieve an acceptable tradeoff between trust in centralized trust anchors, decentralized operation, and the ability to withstand a range of attacks, while protecting user privacy.